1.安装istio

要使用Helm自定义Istio安装,请使用--set <key>=<value>Helm命令中的选项覆盖一个或多个值

怎么使用选项配置请查看官网https://istio.io/docs/reference/config/installation-options/#servicegraph-options

模块说明
https://istio.io/docs/concepts/traffic-management/
https://blog.fleeto.us/post/istio-0.8.0-helm/

  1. certmanager
  2. galley
  3. gateways
  4. global
  5. grafana
  6. istio_cni
  7. istiocoredns
  8. kiali
  9. mixer
  10. nodeagent
  11. pilot
  12. prometheus
  13. security
  14. servicegraph
  15. sidecarInjectorWebhook
  16. tracing
[root@master istio-1.1.]# helm template install/kubernetes/helm/istio \

--name istio --namespace istio-system \

--set sidecarInjectorWebhook.enabled=true \

--set ingress.service.type=NodePort \

--set gateways.istio-ingressgateway.type=NodePort \

--set gateways.istio-egressgateway.type=NodePort \

--set tracing.enabled=true \

--set servicegraph.enabled=true \

--set prometheus.enabled=true \

--set tracing.jaeger.enabled=true \

--set grafana.enabled=true > istio.yaml
[root@master istio-1.1.5]# kubectl create namespace istio-system
[root@master istio-1.1.]# kubectl apply -f istio.yaml

poddisruptionbudget.policy/istio-galley unchanged

poddisruptionbudget.policy/istio-ingressgateway unchanged

poddisruptionbudget.policy/istio-policy unchanged

poddisruptionbudget.policy/istio-telemetry unchanged

poddisruptionbudget.policy/istio-pilot unchanged

configmap/istio-galley-configuration unchanged

configmap/istio-grafana-custom-resources unchanged

configmap/istio-grafana-configuration-dashboards-galley-dashboard unchanged

configmap/istio-grafana-configuration-dashboards-istio-mesh-dashboard unchanged

configmap/istio-grafana-configuration-dashboards-istio-performance-dashboard unchanged

configmap/istio-grafana-configuration-dashboards-istio-service-dashboard unchanged

configmap/istio-grafana-configuration-dashboards-istio-workload-dashboard unchanged

configmap/istio-grafana-configuration-dashboards-mixer-dashboard unchanged

configmap/istio-grafana-configuration-dashboards-pilot-dashboard unchanged

configmap/istio-grafana unchanged

configmap/prometheus unchanged

configmap/istio-security-custom-resources unchanged

configmap/istio configured

configmap/istio-sidecar-injector configured

serviceaccount/istio-galley-service-account unchanged

serviceaccount/istio-ingressgateway-service-account unchanged

serviceaccount/istio-grafana-post-install-account unchanged

clusterrole.rbac.authorization.k8s.io/istio-grafana-post-install-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-grafana-post-install-role-binding-istio-system unchanged

job.batch/istio-grafana-post-install-1.1. unchanged

serviceaccount/istio-mixer-service-account unchanged

serviceaccount/istio-pilot-service-account unchanged

serviceaccount/prometheus unchanged

serviceaccount/istio-cleanup-secrets-service-account unchanged

clusterrole.rbac.authorization.k8s.io/istio-cleanup-secrets-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-cleanup-secrets-istio-system unchanged

job.batch/istio-cleanup-secrets-1.1. unchanged

serviceaccount/istio-security-post-install-account unchanged

clusterrole.rbac.authorization.k8s.io/istio-security-post-install-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-security-post-install-role-binding-istio-system unchanged

job.batch/istio-security-post-install-1.1. unchanged

serviceaccount/istio-citadel-service-account unchanged

serviceaccount/istio-sidecar-injector-service-account unchanged

serviceaccount/istio-multi unchanged

clusterrole.rbac.authorization.k8s.io/istio-galley-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/istio-ingressgateway-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/istio-mixer-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/istio-pilot-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/prometheus-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/istio-citadel-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/istio-sidecar-injector-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/istio-reader unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-galley-admin-role-binding-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-ingressgateway-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-mixer-admin-role-binding-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-pilot-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/prometheus-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-citadel-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-sidecar-injector-admin-role-binding-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-multi unchanged

role.rbac.authorization.k8s.io/istio-ingressgateway-sds unchanged

rolebinding.rbac.authorization.k8s.io/istio-ingressgateway-sds unchanged

service/istio-galley unchanged

service/istio-ingressgateway configured

service/grafana unchanged

service/istio-policy unchanged

service/istio-telemetry unchanged

service/istio-pilot unchanged

service/prometheus unchanged

service/istio-citadel unchanged

service/servicegraph created

service/istio-sidecar-injector unchanged

deployment.extensions/istio-galley configured

deployment.extensions/istio-ingressgateway configured

deployment.extensions/grafana unchanged

deployment.extensions/istio-policy configured

deployment.extensions/istio-telemetry configured

deployment.extensions/istio-pilot configured

deployment.extensions/prometheus unchanged

deployment.extensions/istio-citadel configured

deployment.extensions/servicegraph created

deployment.extensions/istio-sidecar-injector configured

deployment.extensions/istio-tracing unchanged

horizontalpodautoscaler.autoscaling/istio-ingressgateway unchanged

horizontalpodautoscaler.autoscaling/istio-policy unchanged

horizontalpodautoscaler.autoscaling/istio-telemetry unchanged

horizontalpodautoscaler.autoscaling/istio-pilot unchanged

service/jaeger-query unchanged

service/jaeger-collector unchanged

service/jaeger-agent unchanged

service/zipkin unchanged

service/tracing unchanged

mutatingwebhookconfiguration.admissionregistration.k8s.io/istio-sidecar-injector configured

attributemanifest.config.istio.io/istioproxy unchanged

attributemanifest.config.istio.io/kubernetes unchanged

metric.config.istio.io/requestcount unchanged

metric.config.istio.io/requestduration unchanged

metric.config.istio.io/requestsize unchanged

metric.config.istio.io/responsesize unchanged

metric.config.istio.io/tcpbytesent unchanged

metric.config.istio.io/tcpbytereceived unchanged

metric.config.istio.io/tcpconnectionsopened unchanged

metric.config.istio.io/tcpconnectionsclosed unchanged

handler.config.istio.io/prometheus unchanged

rule.config.istio.io/promhttp unchanged

rule.config.istio.io/promtcp unchanged

rule.config.istio.io/promtcpconnectionopen unchanged

rule.config.istio.io/promtcpconnectionclosed unchanged

handler.config.istio.io/kubernetesenv unchanged

rule.config.istio.io/kubeattrgenrulerule unchanged

rule.config.istio.io/tcpkubeattrgenrulerule unchanged

kubernetes.config.istio.io/attributes unchanged

destinationrule.networking.istio.io/istio-policy unchanged

destinationrule.networking.istio.io/istio-telemetry unchanged

如上,使用helm时报这个错误 Helm: Error: no available release name found
Error: release sitewhere failed: namespaces "default" is forbidden: User "system:serviceaccount:kube-system:default" cannot get resource "namespaces" in API group "" in the namespace "default"
错误的原因大概是因为 tiller没有正确的角色权限。
执行以下命令可解决这个问题。

[root@master servicegraph]# kubectl create serviceaccount --namespace kube-system tiller

serviceaccount/tiller created

[root@master servicegraph]# kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller

clusterrolebinding.rbac.authorization.k8s.io/tiller-cluster-rule created

[root@master servicegraph]# kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'

deployment.extensions/tiller-deploy patched

2.Prometheus、Grafana、Servicegraph和Jaeger服务创建 Ingress

[root@master istio-1.1.]# vim ingress-istio.yaml

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

 name: prometheus

 namespace: istio-system

spec:

 rules:

 - host: prometheus.istio.io

   http:

     paths:

     - path: /

       backend:

         serviceName: prometheus

         servicePort:

---

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

 name: grafana

 namespace: istio-system

spec:

 rules:

 - host: grafana.istio.io

   http:

     paths:

     - path: /

       backend:

         serviceName: grafana

         servicePort:

---

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

 name: servicegraph

 namespace: istio-system

spec:

 rules:

 - host: servicegraph.istio.io

   http:

     paths:

     - path: /

       backend:

         serviceName: servicegraph

         servicePort:

---

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

 name: tracing

 namespace: istio-system

spec:

 rules:

 - host: tracing.istio.io

   http:

     paths:

     - path: /

       backend:

         serviceName: tracing

         servicePort: 
[root@master istio-1.1.]# kubectl apply -f ingress-istio.yaml

通过 http://grafana.istio.io访问 Grafana 服务
通过http://servicegraph.istio.io访问 ServiceGraph 服务
       http://servicegraph.istio.io/force/forcegraph.html: 这是一个交互式的d3.js可视化
       http://servicegraph.istio.io/dotviz: 静态graphviz可视化.
       http://servicegraph.istio.io/dotgraph: 提供点序列化.
       http://servicegraph.istio.io/d3graph: 为D3可视化提供JSON序列化
       http://servicegraph.istio.io/graph: 提供通用JSON序列化.
通过 http://tracing.istio.io/访问 Jaeger 跟踪页面:
通过 http://prometheus.istio.io/访问 Prometheus 页面:

参考:https://www.sohu.com/a/244910852_684389

helm安装kubernetes的插件istio的更多相关文章

  1. Centos 使用kubeadm安装Kubernetes 1.15.3

    本来没打算搞这个文章的,第一里面有瑕疵(没搞定的地方),第二在我的Ubuntu 18 Kubernetes集群的安装和部署 以及Helm的安装 也有安装,第三 和社区的问文章比较雷同 https:// ...

  2. ARM架构安装Kubernetes集群

    背景 类型 版本 操作系统 CentOS Linux release 7.6.1810 (AltArch) 内核 Linux master 4.18.0-80.7.2.el7.aarch64 硬件配置 ...

  3. Kubernetes-使用Helm安装istio

    添加istio库: helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.3.4/charts/ ...

  4. kubernetes包管理工具Helm安装

    helm官方建议使用tls,首先生成证书. openssl genrsa -out ca.key.pem openssl req -key ca.key.pem -new -x509 -days -s ...

  5. kubernetes实战(十):k8s使用Helm安装harbor

    1.基本概念 对于复杂的应用中间件,需要设置镜像运行的需求.环境变量,并且需要定制存储.网络等设置,最后设计和编写Deployment.Configmap.Service及Ingress等相关yaml ...

  6. 使用kubeadm安装kubernetes/部署前准备/flannel网络插件/镜像下载/

    本文内容参考<kuberneters进阶实战>/马哥的新书/推荐 部署前的准备 主机名称解析 分布式系统环境中的多主机通信通常基于主机名称进行,这在IP地址存在变化的可能性时为主机提供了固 ...

  7. 使用脚本在Linux服务器上自动安装Kubernetes的包管理器Helm

    Helm之于Kubernetes好比yum之于Red Hat Enterprise Linux,或者apt-get之于Ubuntu. Helm是由helm CLI和Tiller组成,是典型的Clien ...

  8. kubernetes实战篇之helm安装

    系列目录 Helm是kubernetes的应用包管理工具,是CNCF孵化器下的一个项目,主要用来管理 Charts.类似于 Ubuntu 中的 APT 或 CentOS 中的 YUM.它提供了一种简单 ...

  9. Helm 安装部署Kubernetes的dashboard

    Kubernetes Dashboard 是 k8s集群的一个 WEB UI管理工具,代码托管在 github 上,地址:https://github.com/kubernetes/dashboard ...

随机推荐

  1. 在SpringBoot 1.5.3上使用gradle引入hikariCP

    在SpringBoot 1.5.3上使用gradle引入hikariCP hikari来源于日语,是“光”的意思,号称“史上最快数据库连接池”,也是springboot2.0最新版默认的连接池.但是s ...

  2. linux 7 添加永久路由方法

    linux 7 添加永久路由 用route命令添加 仅仅是当前状态下生效,一旦重启就会失效. 所以要在/etc/sysconfig/network-scripts/这个路径下添加一个文件route-{ ...

  3. Django添加生产环境配置

    在初始化阶段,Django会帮我们创建一个settings.py目录,所有Django的配置都在这个模块中,这样就会产生一些问题,比如同一份配置怎么来更好的区分开发环境和线上环境.当然可以在setti ...

  4. 【FJWC2018】最大真因数

    题面 Description 一个合数的真因数是指这个数不包括其本身的所有因数, 例如 6 的正因数有1, 2, 3, 6,其中真因数有 1, 2, 3. 一个合数的最大真因数则是这个数的所有真因数中 ...

  5. exports和module.exports的区别——学习笔记

    一开始,exports和module.exports都指向空对象(同一内存块),exports是引用 module.exports的值.module.exports 被改变的时候,exports不会被 ...

  6. 修改ie版本为Edge

    <meta http-equiv="X-UA-Compatible" content="IE=Edge"> #以上代码告诉IE浏览器,IE8/9及以 ...

  7. loj2001[SDOI2017]树点染色

    题意:给你一棵树,一开始每个点上的颜色互不相同.三种操作:op1:x到根的路径上的点都染上一种新的颜色.op2:设一条路径的权值为val(x,y),求x到y路径的val.op3:询问x的子树中最大的到 ...

  8. hdu第九场多校

    02:线段树两次扫描 #include<bits/stdc++.h> #include<vector> using namespace std; #define maxn 30 ...

  9. csp-s模拟测试95

    csp-s模拟测试95 去世场祭. $T1$:这不裸的除法分块吗. $T2$:这不裸的数据结构优化$Dp$吗. $T3$:这不裸的我什么都不会搜索骗$30$分吗. 几分钟后. 这除法分块太劲了..(你 ...

  10. sqlalchemy session

    Cookie cookie是浏览器保存在用户电脑上的一小段文本,用来保存用户在网站上的必要的信息.Web页面或服务器告诉浏览器按照一定的规范存储这些信息,并且在以后的所有请求中,这些信息就会自动加在h ...